close

close

Thank you for your enquiry!

One of our training experts will be in touch shortly to go over your training requirements.

close

close

Press esc to close

close close

Back to course information

Thank you for your enquiry!

One of our training experts will be in touch shortly to go overy your training requirements.

close close

Thank you for your enquiry!

One of our training experts will be in touch shortly to go over your training requirements.

Course information

Course Outline

Basics

  • Introduction to ISO 27017
  • What is Information Security in ISO 27017?
  • Requirements of ISO 27017
  • What are the Benefits for a Business and Organisation?
  • The benefits of implementing ISO/IEC 27017:2015

Determining the Scope of the Information Security

  • Scope of ISO 27017
  • Who is ISO 27017 for?
  • What are the Main Differences?
  • Role of ISO 27017 in Various Organisations

Working of ISO 27017

  • How ISO 27017 Works?
  • Core Concepts of ISO 27017
  • Key Requirements of ISO 27017
  • How to make ISO 27017 effective?

Cloud Sector-Specific Concepts

  • Overview
  • Supplier Relationships in Cloud Services
  • Relationships Between Cloud Service Customers and Cloud Service Providers
  • Managing Information Security Risks in Cloud Services
  • Structure of this Standard

Understanding the Key Concepts of Information Security in Cloud Services

  • Key Concepts and Requirements of ISO/IEC 27001:2013 Work When Implementing ISO/IEC 27017:2015
  • ISO/IEC 27017:2015 Controls Relevant to your Risk Assessment

Performing ISO 27017 Audits

  • Preparing Audit Reports
  • Analysing Data
  • Auditing Procedures
  • Reviewing Documents and Reports
  • Validating Reports
  • Designing and Merging Findings
  • Classifying Findings
  • Planning, Organising, And Prioritising
  • Factors That Affect the Reliability of Audit Findings

Internal Auditor

  • Roles and Responsibilities of an Internal Auditor
  • Record Review Activities
  • Internal Auditor Checklist
  • Communication Between Departments
  • Drafting Reports and Test Plans
  • Prepare and Distribute an Audit Report

Scope

  • Scope Definition
  • Scope Consideration
  • Scope Statement
  • Scope Agreement
  • Guidelines

Information Security Policies

  • Management Direction for Information Security

Organisation of Information Security

  • Internal Organisation
  • Mobile Devices and Teleworking

Introduction to Lead Auditor

  • Definition of Lead Auditor

On-Site Auditing

  • Conduct Interview
  • Create and Evaluate Checklist
  • Questionnaires for Data Collection
  • Conduct Document Review
  • Evaluate The Work Done
  • Provide Sample

Remote Auditing

  • Observe Work Through Surveillance at The Workplace
  • Enhancing Interaction Through Communication
  • Conduct Document Reviews with Auditees
  • Data Analysis

Access control

  • Business Requirements of Access Control
  • User Access Management
  • User Responsibilities
  • System and Application Access Control

Physical and Environmental Security

  • Secure Areas
  • Equipment

Operations Security

  • Operational Procedures and Responsibilities
  • Protection from Malware
  • Backup
  • Logging and Monitoring
  • Control of Operational Software
  • Technical Vulnerability Management
  • Information Systems Audit Considerations

Communications Security

  • Network Security Management
  • Information Transfer

Show moredowndown

Prerequisites

Candidates must also have a basic knowledge of auditing to ensure that they fully understand the content of the course and gain required skills.

Audience

Anyone who plans, implements, maintains, supervises or assesses information security controls, as part of an information security management system, as either a customer or provider of cloud services.

ISO 27017 Information Security Controls for Cloud Services​ Course Overview

The ISO/IEC 27017:2015 standard is designed to use cloud information security controls as a reference when implementing a cloud computing information security management system for organisations based on ISO/IEC 27002:2013. ISO/IEC 27017 can be considered as a code of practice, which gives guidance on such controls and assists the delegates to concentrates on the more particular risks related to cloud services as a customer.

This 2-day ISO 27017 certification aims to build on the knowledge specific to the cloud. This course helps the delegates to clearly identify who is responsible to manage the different security risks and ensure the appropriate cloud security controls are in place so you can maintain a resilient ISMS.

This training covers below important concepts:

  • Concepts specific to the cloud
  • Typical information security risks in cloud services
  • ISO/IEC 27017:2015 introduction, scope and structure
  • Applicable terms and definitions
  • The benefits of implementing ISO/IEC 27017:2015
  • A typical ISO/IEC 27017:2015 implementation framework

At the end of this training course, delegates will be able to lead a team of auditors in planning and reporting audits, as well as Identify key benefits associated with using ISO/IEC 27017 for cloud services, alongside an effective ISMS. They will also ensure that management system considers appropriate cloud-related controls that enable improved organisational security as technology evolves. This course will also make them efficient to provide products and services that consistently meet customer needs and increases their confidence.

Show moredowndown

  • Delegate pack consisting of course notes and exercises
  • Manual
  • Experienced Instructor

Show moredowndown

Why choose us

Ways to take this course

Our easy to use Virtual platform allows you to sit the course from home with a live instructor. You will follow the same schedule as the classroom course, and will be able to interact with the trainer and other delegates.

Our fully interactive online training platform is compatible across all devices and can be accessed from anywhere, at any time. All our online courses come with a standard 90 days access that can be extended upon request. Our expert trainers are constantly on hand to help you with any questions which may arise.

This is our most popular style of learning. We run courses in 1200 locations, across 200 countries in one of our hand-picked training venues, providing the all important ‘human touch’ which may be missed in other learning styles.

best_trainers

Highly experienced trainers

All our trainers are highly qualified, have 10+ years of real-world experience and will provide you with an engaging learning experience.

venues

State of the art training venues

We only use the highest standard of learning facilities to make sure your experience is as comfortable and distraction-free as possible

small_classes

Small class sizes

We limit our class sizes to promote better discussion and ensuring everyone has a personalized experience

value_for_money

Great value for money

Get more bang for your buck! If you find your chosen course cheaper elsewhere, we’ll match it!

This is the same great training as our classroom learning but carried out at your own business premises. This is the perfect option for larger scale training requirements and means less time away from the office.

tailored_learning_experience

Tailored learning experience

Our courses can be adapted to meet your individual project or business requirements regardless of scope.

budget

Maximise your training budget

Cut unnecessary costs and focus your entire budget on what really matters, the training.

team_building

Team building opportunity

This gives your team a great opportunity to come together, bond, and discuss, which you may not get in a standard classroom setting.

monitor_progress

Monitor employees progress

Keep track of your employees’ progression and performance in your own workspace.

What our customers are saying

Frequently asked questions

FAQ's

Please arrive at the venue at 8:45am.
Candidates must also have a basic knowledge of auditing to ensure that they fully understand the content of the course and gain required skills.
Anyone who plans, implements, maintains, supervises or assesses information security controls, as part of an information security management system, as either a customer or provider of cloud services.
We are able to provide support via phone & email prior to attending, during and after the course.
Delegate pack consisting of course notes and exercises, Manual, Experienced Instructor, and Refreshments
This course is 2 days.
Once your booking has been placed and confirmed, you will receive an email which contains your course location, course overview, pre-course reading material (if required), course agenda and payment receipts
The price for ISO 27017 Information Security Controls for Cloud Services certification in New Zealand starts from NZD1195
The Knowledge Academy is the Leading global training provider in the world for ISO 27017 Information Security Controls for Cloud Services.

Why choose us

icon

Best price in the industry

You won't find better value in the marketplace. If you do find a lower price, we will beat it.

icon

Many delivery methods

Flexible delivery methods are available depending on your learning style.

icon

High quality resources

Resources are included for a comprehensive learning experience.

barclays Logo
deloitte Logo
Thames Water Logo

"Really good course and well organised. Trainer was great with a sense of humour - his experience allowed a free flowing course, structured to help you gain as much information & relevant experience whilst helping prepare you for the exam"

Joshua Davies, Thames Water

santander logo
bmw Logo
Google Logo
Shell Logo

"...the trainer for this course was excellent. I would definitely recommend (and already have) this course to others."

Diane Gray, Shell

Looking for more information on ISO 27017 Training?

backBack to course information

Get a custom course package

We may not have any package deals available including this course. If you enquire or give us a call on +64 800 446148 and speak to our training experts, we should be able to help you with your requirements.